The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials , or SBOM, graduated from a “nice to have” to a “must have.” Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software Development Lifecycle).
When the PSP policies in Kubernetes are near their deprecation, with this article by Squadcast, you will learn a different approach for governing your Kubernetes cluster security using Kyverno - a policy management tool.
It's time to break down the silos separating SREs from security engineers.
We’re constantly told to “Shift Left” and that Secure DevOps is the only way to have confidence in your cloud native applications. But speaking to end-users and industry colleagues, it’s clear that there are some major challenges in adopting Secure DevOps. If we read our history books, we know that DevOps wasn’t successfully adopted by buying tools, and a true cultural movement towards DevOps wasn’t established by having a small dedicated team of DevOps specialists.
For the first time in its 30-year history, the 2021 RSA Conference was a virtual-only event, and not in its usual time during the spring. But, with 20,000 registrants joining for the various sessions, it was a testament to this year’s conference theme of resilience.
With DevOps teams moving at ever greater speed, it’s vital for security teams to be deeply involved at all stages of the software development and delivery lifecycle. Breaking down silos between development, operations, and security teams ensures that security considerations are not overlooked, that vulnerabilities are caught early, and that security checkpoints do not slow down the delivery process.